An error occurred (AccessDeniedException) when calling the GetSecretValue operation: Access to KMS is not allowed about aws-secrets-manager-rotation-lambdas HOT 3 CLOSED

Even i am getting the same exception but for mysql. Even though all permissions are there.

[ERROR] ClientError: An error occurred (AccessDeniedException) when calling the GetSecretValue operation: Access to KMS is not allowed
Traceback (most recent call last):
  File "/var/task/lambda_function.py", line 72, in lambda_handler
    create_secret(service_client, arn, token)
  File "/var/task/lambda_function.py", line 108, in create_secret
    current_dict = get_secret_dict(service_client, arn, "AWSCURRENT")
  File "/var/task/lambda_function.py", line 310, in get_secret_dict
    secret = service_client.get_secret_value(SecretId=arn, VersionStage=stage)
  File "/var/runtime/botocore/client.py", line 357, in _api_call
    return self._make_api_call(operation_name, kwargs)
  File "/var/runtime/botocore/client.py", line 676, in _make_api_call
    raise error_class(parsed_response, operation_name)

from aws-secrets-manager-rotation-lambdas.

This error usually occurs because the KMS key attached to a secret has changed. Changing the key associated with a secret via the AWS CLI does not re-encrypt the secret using the new key. (But doing so via the console does.) Please try following the steps from AWS Premium Support to see if that resolves the issue.

from aws-secrets-manager-rotation-lambdas.

If, after following @chrisoverzero advice, you are still experiencing this issue please open a support case with AWS.

from aws-secrets-manager-rotation-lambdas.